Q: How does someone get fined outside of the EU?

Article 27 of the GDPR is the first line of defense. It requires companies without operations in the EU to appoint an EU representative. If that doesn’t happen, non-EU companies will be perused via local enforcement actions within their country via mutual legal assistance treaties (MLAT), and private prosecutions under similar local laws.

 question sent in by Claire.M from Taiwan